Details
-
Improvement
-
Status: Resolved
-
Minor
-
Resolution: Not A Problem
-
4.5.13, 5.0.3
-
None
Description
To reproduce run on java 11+:
java -cp ... -Djavax.net.debug=ssl:handshake TestApacheHttpClientApp
As you can see from handshake.log file HttpClient always create new tls session.
The root of problem is support of Extended Master Key Extension in https://github.com/openjdk/jdk/blob/jdk-11+28/src/java.base/share/classes/sun/security/ssl/ClientHello.java#L497. The standard jdk HttpURLConnection doesn't be affected this issues because of it sets chc.sslConfig.identificationProtocol equals to HTTPS by default https://github.com/openjdk/jdk/blob/jdk-11%2B28/src/java.base/share/classes/sun/net/www/protocol/https/HttpsClient.java#L560. I tried to repeat the same trick (The commented code), but due to the bugs of JDK https://bugs.openjdk.java.net/browse/JDK-8253368 and may be incorrect implementation of method org.apache.http.impl.BHttpConnectionBase.close it doesn't work.